Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for authenticating a user attempting to access a protected resource via a processing device without requiring the user to present a predetermined credential, the method comprising the steps of: receiving, from the user, a request to access the protected resource without providing a predetermined credential associated with the user, wherein the protected resource is an internal resource of the processing device accessible via user authentication; extracting one or more characteristics from information stored within the protected resource, wherein the extracted one or more characteristics comprise data associated with activity performed by the user during a previous authenticated access made using the predetermined credential; processing the extracted one or more characteristics to formulate one or more questions for the user; presenting the one or more questions to the user; receiving input from the user responsive to the presenting of the one or more questions; granting or denying access to the protected resource without using the predetermined credential based at least in part on the input received from the user; and responsive to denying access to the protected resource without using the predetermined credential, applying a throttling mechanism requiring the user to wait a predetermined time before being permitted to make a new request to access the protected resource without using the predetermined credential to reduce a likelihood of inferring the extracted one or more characteristics from the one or more questions presented over multiple requests to access the protected resource without using the predetermined credential; wherein the predetermined time is increased after each unsuccessful attempt to access the protected resource without using the predetermined credential; and wherein the information stored within the protected resource comprises information stored entirely in a memory of the processing device in an ordinary course of operation of the protected resource during the previous authenticated access.
2. The method of claim 1 wherein the processing device comprises a personal computing device and the steps of the method are implemented under control of a processor of the personal computing device without requiring the personal computing device to have network connectivity while the steps are carried out.
3. The method of claim 1 wherein the processing device comprises a server accessible to a personal computing device over a network and the steps of the method are implemented under control of a processor of the server.
4. The method of claim 1 wherein the extracted one or more characteristics comprise data associated with a contact that had been entered in an address book of the protected resource during the previous authenticated access made using the predetermined credential.
5. The method of claim 1 wherein the extracted one or more characteristics comprise data associated with a scheduled item that had been entered in a schedule of the protected resource during the previous authenticated access made using the predetermined credential.
6. The method of claim 1 wherein the extracted one or more characteristics comprise data associated with name or subject information that had been entered in an email message of the protected resource during the previous authenticated access made using the predetermined credential.
7. The method of claim 1 wherein the extracted one or more characteristics comprise data associated with information that had been entered in a file of the protected resource during the previous authenticated access made using the predetermined credential.
8. The method of claim 1 wherein the extracted one or more characteristics comprise data associated with information that had been entered in a game of the protected resource during the previous authenticated access made using the predetermined credential.
9. The method of claim 1 wherein the extracted one or more characteristics are extracted from meta-data of a personal dynamic operating environment of the protected resource wherein the meta-data was stored during the previous authenticated access made using the predetermined credential.
10. The method of claim 1 wherein the one or more questions comprise at least one of the following: a first question based on a specified contact entered into an address book of the protected resource during the previous authenticated access; and a second question based on a scheduled item entered into a schedule of the protected resource during the previous authenticated access.
11. A non-transitory processor-readable storage medium having encoded therein one or more software programs, wherein the one or more software programs when executed by at least one processor cause said at least one processor: to receive, from a user, a request to access a protected resource without providing a predetermined credential associated with the user, wherein the protected resource is an internal resource of a processing device accessible via user authentication; to extract one or more characteristics from information stored within the protected resource, wherein the extracted one or more characteristics comprise data associated with activity performed by the user during a previous authenticated access made using the predetermined credential; to process the extracted one or more characteristics to formulate one or more questions for the user; to present the one or more questions to the user; to receive input from the user responsive to the presenting of the one or more questions; to grant or deny access to the protected resource without using the predetermined credential based at least in part on the input received from the user; and responsive to denying access to the protected resource without using the predetermined credential, to apply a throttling mechanism requiring the user to wait a predetermined time before being permitted to make a new request to access the protected resource without using the predetermined credential to reduce a likelihood of inferring the extracted one or more characteristics from the one or more questions presented over multiple requests to access the protected resource without using the predetermined credential; wherein the predetermined time is increased after each unsuccessful attempt to access the protected resource without using the predetermined credential; and wherein the information stored within the protected resource comprises information stored entirely in a memory of the processing device in an ordinary course of operation of the protected resource during the previous authenticated access.
12. The processor-readable storage medium of claim 11 wherein the extracted one or more characteristics comprise at least one of: data associated with a contact that had been entered in an address book of the protected resource during the previous authenticated access made using the predetermined credential; and data associated with a scheduled item that had been entered in a schedule of the protected resource during the previous authenticated access made using the predetermined credential.
13. The processor-readable storage medium of claim 11 wherein the one or more questions comprise at least one of the following: a first question based on a specified contact entered into an address book of the protected resource during the previous authenticated access; and a second question based on a scheduled item entered into a schedule of the protected resource during the previous authenticated access.
14. An apparatus comprising: at least one processing device for authenticating a user attempting to access a protected resource without requiring the user to present a predetermined credential, each such processing device comprising a processor and a memory coupled to the processor; wherein said at least one processing device is configured: to receive, from a user, a request to access the protected resource without providing a predetermined credential associated with the user, wherein the protected resource is an internal resource of said at least one processing device accessible via user authentication; to extract one or more characteristics from information stored within the protected resource, wherein the extracted one or more characteristics comprise data associated with activity performed by the user during a previous authenticated access made using the predetermined credential; to process the extracted one or more characteristics to formulate one or more questions for the user; to present the one or more questions to the user; to receive input from the user responsive to the presenting of the one or more questions; to grant or deny access to the protected resource without using the predetermined credential based at least in part on the input received from the user; and responsive to denying access to the protected resource without using the predetermined credential, to apply a throttling mechanism requiring the user to wait a predetermined time before being permitted to make a new request to access the protected resource without using the predetermined credential to reduce a likelihood of inferring the extracted one or more characteristics from the one or more questions presented over multiple requests to access the protected resource without using the predetermined credential; wherein the predetermined time is increased after each unsuccessful attempt to access the protected resource without using the predetermined credential; and wherein the information stored within the protected resource comprises information stored entirely in the memory of said at least one processing device in an ordinary course of operation of the protected resource during the previous authenticated access.
15. The apparatus of claim 14 wherein said at least one processing device comprises a personal computing device.
16. The apparatus of claim 14 wherein said at least one processing device comprises a server accessible to a personal computing device over a network.
17. The apparatus of claim 14 wherein said at least one processing device comprises: an extractor component configured to extract the one or more characteristics from stored meta-data of the protected resource that had been entered in a personal dynamic operating environment of the protected resource during the previous authenticated access made using the predetermined credential; and an authentication component coupled to the extractor component and configured to receive the input from the user responsive to the presenting of the one or more questions and to grant or deny access to the protected resource without using the predetermined credential based at least in part on the input received from the user.
18. The apparatus of claim 17 wherein the extractor component and the authentication component are implemented in a personal computing device and further wherein the personal computing device is not required to have network connectivity in order to determine if access to the protected resource should be granted or denied.
19. The apparatus of claim 14 wherein the extracted one or more characteristics comprise data associated with a contact that had been entered in an address book of the protected resource during the previous authenticated access made using the predetermined credential.
20. The apparatus of claim 14 wherein the extracted one or more characteristics comprise data associated with a scheduled item that had been entered in a schedule of the protected resource during the previous authenticated access made using the predetermined credential.
21. The apparatus of claim 14 wherein the extracted one or more characteristics comprise data associated with information that had been entered in a game of the protected resource during the previous authenticated access made using the predetermined credential.
Unknown
June 6, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.